However if I look at a specific implementation in C# when deriving the key using Rfc2898DeriveBytes, a salt value is required and I understand the need of the salt.
But obviously I will need the salt later on the regenerate the key from my secret passphrase.
Does that imply that the salt itself is not a secret and can be stored together with the encrypted record in cleartext, just like the IV?